The hearing of the special committee on aging will come to order. Decades ago the warning caveat emptor, buyer beware, was the best advice one could give to a consumer seeking to borrow money. Well, that advice is still valid today. There are laws that seek to insure that consumers understand the obligations that they are taking on and that lenders have to play by the rules. Since the passage of the federal truth in lending act in 1968 and similar state laws around the nation, credit providers have been required to disclose key terms of Consumer Credit agreements up front in easytounderstand language. If you want to know what Interest Rate youll pay on a new credit card, youll find it in big, bold letters right there on the front of your application. Likewise, Interest Rates on car loans, personal loans, mortgages and myriad other Consumer Loan products are clearly and conspicuously displayed. But as we will learn today, that is not true for socalled pension advances. Pension advances are agreements under which consumers usually retirees receive cash lump sums in exchange for part or all of their monthly pension check. The effective Interest Rate on these Lump Sum Payments can be outrageous. One company charged nearly 120 last year. That fact, however, is hidden in the pension advance agreements which do not include the simple and clear disclosures required by law for Consumer Loans. Instead, these contracts are so convoluted that it is difficult for consumers to realize just how much their lump sum pension advance is really costing them. By way of comparison, i would like to direct your attention to this chart. Using the state of washington as an example, this chart shows the average Interest Rate charged on various forms of Consumer Debt compared to the effective rates on pension advances. The first three bars from the left show Interest Rates on typical sources of Consumer Credit. 4. 3 for car loans, 9. 7 for personal loans and 12 for credit card debt. The three bars on the right are Interest Rates calculated by Government Accountability office, better known as gao, on pension advances that one company sold in Washington State over the past three years. As you will see, the rates escalated to an astonishingly high 117 last year. All of these rates are higher than the state of washingtons usury rate of 25 . As if these Interest Rates werent bad enough, many Pension Advance Companies require their customers to sign complex documents whose terms can only be described as deliberately deceptive. Typically, customers are required to take out Life Insurance policies naming the pension advance company as the beneficiary. Most consumers simply dont realize that the rates that they are paying are so high. For example, one of my constituents didnt understand that he was paying a rate of 54 on his pension advance until his tax preparer told him that the deal just didnt look right and advised him to contact the main bureau of the maine bureau of Consumer Credit protection. Second, many of these consumers are financially vulnerable and desperate for cash. These Pension Advance Companies exploit this desperation. They also use flashy, aggressive and misleading advertising to encourage quick and uninformed decisions. It is extremely troubling that some companies aggressively target the patriots who have served our country, our veterans. They use web sites displaying the uniform and wrapped in red, white and blue and run ads in military magazines. Federal law prohibits the assignment of pensions of enlisted military retirees, but Pension Advance Companies too often ignore this prohibition just as they ignore federal and state laws requiring clear disclosure of Interest Rates on Consumer Loans and just as they ignore state usury laws that set a ceiling on the amount of interest that can be charged on Consumer Loans. Pension advance companies claim that these laws simply do not apply to them, arguing that their products are not Consumer Loans or assignments, but simply advances. Todays hearing builds on this committees Ongoing Investigation into pension advances and continues our efforts to protect americas seniors from shadowy schemes that threaten their financial security. I hope that any retiree considering a pension advance will think carefully before taking that step and will seek advice on other ways to obtain financial assistance. I look forward to hearing the testimony of all of our witnesses today. With that, id like to turn to our Ranking Member, senator claire mccaskill. Thank you, senator collins, chairman collins. Retirement security and Consumer Protection are both large parts of this committees focus and mission under the leadership of chairman collins. Todays hearing presents an opportunity to look at an alarming practice that intersects both of these committee priorities. The defined benefit pension plan is considered the Gold Standard in terms of retirement security. Although it is not as popular as it once was, those people retiring today with a defined benefit plan are incredibly fortunate. They get a fixed payment for life, so they cannot outlive their savings. And they did not have to figure out how to invest this money or how much to put aside. They are saved from the burden that they may not have had the financial wherewithal to adequately care for themselves throughout retirement. Nor do they have to worry about an economic downturn happening right before they cash out. Willie sutton explained that he robbed banks because thats where the money is. Well, these seniors with define canned benefit plans defined benefit plans are similarly ripe targets for a different kind of crook. These fraudsters offering pension advances are undermining all the advantages of these defined benefit plans, making what had been a secure retirement suddenly very unsettled. Worse still, these folks are targeting some of the pillars of our communities, our firefighters, our teachers, our veterans. They are also finding unwitting victims among elderly investors looking for a safe investment at a time in their lives when they are looking for ways to earn a little bit of money without taking a large financial risk. It truly is an impressive scam that is able to take advantage of both sides of the financial transaction; the investor and the pensioner. But that is what these pension advance schemes have been doing. Today we will hear firsthand from victims of these schemes as well as those in the Public Sector and Consumer Protection groups about their efforts to combat this problem. This committee is also investigating the bad actors behind these schemes, and i commend chairman collins for using this committees investigative and oversight powers to go after these folks. Right now there simply is not enough being done here, because its a legal gray area. So while we hear from our arkansas witness about all the good work she is doing down there to protect the public, unfortunately, once she catches these guys she cannot prevent the same bad actors changing their corporate name and putting down roots somewhere else to find new victims in other states. Theres only one state in the country where Pension Advance Companies are not trying to take advantage of teachers, veterans and firefighters, and that im proud to say is in my home state of missouri. I want to commend the work of our state treasurer who joined republicans in the missouri General Assembly to push for this legislation last year. This bill received enormous bipartisan support with no one testifying against it. Among those who spoke on the bill is one of our witnesses today, maria walden, from the Public School and education Employee Retirement systems of missouri. The largest defined plan in our state and one of the best plans in the country. She will talk about the legislation banning pension advances and the protections that cover her members. Im also pleased to say that thus far our state has not had any reports of Pension Advance Companies coming to missouri since the bill was signed into law. I am hopeful other states will follow missouris lead and protect those Public Employees who have spent their careers protecting us. Once again, i want to thank the chairman for calling this hearing and for our witnesses for joining to discuss this problem today. I look forward to your testimony. Thank you. Thank you very much. Were now pleased to turn to our panel of witnesses. First, we will hear from dr. And mrs. Louis kroot. He is a retired Navy Physician from kentucky, and he and his wife kathie will share with us their personal experience in selling their pension to a pension advance company. Next well hear from steven lord, the managing director at the Government Accountability office who will discuss gaos investigation of the pension advance industry. We will then hear from kaycee wolf from the arkansas security department, and i would like to call on our colleague, senator cotton, for the introduction of ms. Wolf. Thank you. Im pleased to introduce kaycee wolf who will testify about the work she and her colleagues did fighting pension advance fraud in arkansas. Kaycee is a university of Arkansas Law School alum and has helped protect people for the last five years with the arkansas Securities Department. Her work with the Securities Department was not about preventing sophisticated parties from entering mutuallybeneficial agreements. Instead, as we will hear, her team spent thousands of hours successfully fighting outright fraud and blatant misrepresentation of contracts. Kaycee, thank you for i peering for appearing for us today. Its an honor to have you here. Arkansas and i are are proud of the work you and your team have done and hope it canning be a model for the entire country. Thank you. We will then hear from stuart rossman, the director of litigation at the National Consumer law center, and i understand that senator warren would like to introduce this witness. Thank you, chair collins. I am pleased to introduce one of our witnesses today, mr. Stuart rossman. As you said, hes the director of litigation at the National Consumer law center in boston, massachusetts. I just want to say about mr. Rossman, he is deeply knowledgeable about the law, but he also has a very thorough understanding about what is actually happening to people across this country. In other words, he knows husband stuff his stuff, and we are lucky to have him here today. Thank you, mr. Rossman. Thank you. And finally, i want to ask senator mccaskill if she would like to add anything. You mentioned our final witness on this panel, maria walden. If you have anything you would like to add to what you said in your opening statement. Well, as i mentioned in my opening statement, she is the director of legislation and policy for the Public School and education Employee Retirement system. It is one of the finest pension programs in the country. We, i like to remind our teachers in missouri that we are not high on the scale when it comes to salaries, but when i was auditor, we were number one in the country in terms of pension benefits. Are we still number one . We are very close. Yeah. I know that we have one of the finest pension programs for people on the front line of every social ill that faces our country. I think we forget that it is teachers that were asking to do so much more than teach in so many places in our country today. So well deserved, good pensions, i think, are something that we all need to in this country realize is an important part of financial security. So im proud of your organization and so glad that youre here today. Thank you. Thank you all for joining us. We look forward to hearing from your testimony, and were going to start with dr. And mrs. Kroot. Chairman collins, Ranking Member mccaskill, distinguished senators on the committee, thank you for the opportunity to appear before you today and to testify about our familys experience with pension advances. We are here today as husband and wife because in our 34 years of marriage, we have always operated as a team, and ours is a shared cautionary tale. For 32 year 22 years i served our country in the navy as a physician. When i retired as commander, i intended to work as a doctor, and i did so as an er attending physician in several hospitals. Today i continue to work as an er attending at eva hospital in lexington, kentucky. My wife kathie has done incredible work as an advocate for Organ Donation and as a dedicated volunteer at our synagogue. When i left the military, i planned to continue to provide for our family through work and through my military pension. But due to a perfect storm of unfortunate events, we were left with debts spiraling out of control. First, we received bad tax planning advice and moving funds from 401 k and incurred around 100,000 in unexpected fees and penalties. Second, we suffered over 10,000 in home repair from our Basement Flooding while our house was in escrow. Third, we incurred enormous amount of medical expenses when it became necessary for our adopted, special needs daughter to be repeatedly hospitalized for serious psychiatric medical condition. We were financially desperate at that time and did not know where to turn. We had incurred an extraordinary and unexpected debt. We were looking for any way to pay off this debt. We had seen advertisements in military magazines for companies that gave Lump Sum Payments for military pensions. We contacted one of these companies, structured investments, which was doing business under the name of retired military Financial Services, and they offered to provide us with a lump sum payment against my future pension payments. We jumped at the opportunity. We felt that the lump sum payment structured investments allowed us to pay off much of our existing debt. We understood at that time that we were taking an advance on monies that were due from future retirement payments. We understood that there would be fees for this service. We didnt realize how expensive it was going to be. We simply did not get out the calculator or see it as a loan. We were desperate, and we panicked. In fact, we realized wed been taken to the cleaners by structured investments. We were shocked when the complex math in the contract was broken down by a reporter and explained to us that we were paying over 30 interest on our advance. The paperwork we signed did not disclose the Interest Rate and did not break down how the numerous fees we were paying to structured investments raised our Interest Rate. An example of these fees are the thousands of dollars we paid for a Life Insurance policy on me required for the advance by structured investments. Listing structured investments as a beneficiary. And we needed to continue to pay this two years after the loan was paid off, because we needed consent from them in order to stop the insurance policy. We ended up paying more in interest with our pension advance than we would have paid if we simply paid off the interest over time on our existing debt load. Moreover, we learned after the fact that there were alternatives we could have used to reduce our debt load while avoid paying the high fees charged by structured investments. We paid off structured investments. Looking back on our experience, it is clear that we made a mistake. We should have been more aware of what we were buying. We also want to make clear that we accept that we signed the contract, and we accept responsibility for that. We should have known better. As we said, ours is a cautionary tale, and we want to make two points to those who may find themselves in a situation similar to ours. First, you have other options. You should explore those options, and you should resist the urge to reach for easy, immediate cash. Second, had we known what we now know, we would never have taken out the pension advance from structured investments with their unreasonable fees. We wish we could do everything over again and make better decisions. It is our fervent hope that by testifying today we can prevent other individuals from making the same mistake we did. Thank you again for the opportunity to be here. We look forward to your questions. Thank you very much for sharing your personal experience. When people hear that a physician can be tricked by these convoluted contracts with the lack of disclosure, i think it is a cautionary tale to others. And by coming forward and being willing to share your story, i believe that you will save others from making the same mistake, so i very much appreciate your sharing your story with us today. Mrs. Kroot, do you have anything youd like to add from your perspective . No. We should have known better. Im a math major, and i should have done the math. Well, i think the fact that these contracts could fool a physician and a math major probably tells you all you need to know about the lack of disclosure, the deception in the contracts, the hidden fees, the charges, and i think well hear next from mr. Lord that based on gaos investigation your experience is not at all uncommon, unfortunately. Thank you. Mr. Lord. Thank you, chairman collins, Ranking Member mccaskill and members of the committee. Im really happy to be here to discuss our june 2014 report on pension advances and the status of the Agency Efforts to implement our really important recommendations. This is a really important issue because its highlighted by dr. Kroot, theres companies out there using aggressive marketing techniques to target those who are vulnerable and those in urgent need of cash. Today id like to discuss three issues. First, the number and types of Companies Marketing these types of products. Secondly are, id like to discuss how the terms of these products compare to other similar Financial Products such as Consumer Loans and, finally, id like to clarify the role of the cfpb and the federal trade commission in overseeing these activities. First, regarding the overall numbers, at the time of our review we identified 38 companies that offered lump sum pension advance products. While 18 of these companies were located in california, the remainder were spread across several other states, and virtually all of them marketed these products on a nationwide basis through web sites. I think thats one of the key points we revealed through our work as well. And we found, interestingly, we found that at least 30 of these 38 companies were affiliated with in some manner, with each other. And that, if you could turn your attention to i call this our connecting the dots chart. This is not obvious from a consumer perspective, because if you make phone calls or conduct web site research, youre initially led to believe theres 38 companies out there operating independently by virtue of our undercover phone calls and followup research, we were able to identify connections between these entities. For example, dr. Kroot, the two companies he dealt with are exhibited in the upper lefthand corner. Thats company four. Thats as well as company five, structured investments is company four, and retired military Financial Services, company five. So its obvious it wasnt obvious to him at first blush that theyre related, but through our work we were able to identify these connections. Bottom line is the lack of transparency can make it difficult to file a complaint if youre a consumer, because you really dont know who youre dealing with. Also if youre considering making an investment in one of these companies, its difficult to do any research to, you know, assess the repute about of any of these vendors before making a financial decision. Second key point is regarding the terms of these deals as highlighted by dr. Kroot, the terms dont compare favorably with other similar Financial Products. How did we determine this . We analyzed 99 offers provided by Six Companies in response to our undercover phone calls. They did not know we were gao calling. They assumed we were a consumer interested in investing in these. And we found, first, these products had effective Interest Rates that were significantly higher than the legal limits set by states on Consumer Credit called the state usury limits. And these rates ranged from 27 to 46 Interest Rates. As you can see, thats considered really high. Second we also found that these lump sums offered through these companies were about half of what you would get through a defined benefits pension provider. If you were to get it directly from your pension provider, it averaged about half. The percentage was 46 to 55 . So, again, you can see these terms were not really that attractive from a consumer perspective. In terms of disclosure, as also highlighted by dr. Kroot, we found that of the 38 companies, most did not disclose an effective Interest Rate. So its really difficult to assess what type of rate are is being of rate is being provided. Bottom line of all our analysis, these were not a good deal for consumers, and the companies appeared to be operating in a regulatory gray area. There is some good news here in terms of our report recommendations. Cfpb has taken some recent enforcement action. August of this year it filed a complaint against Pension Funding llc, thats one of the entities dr. Kroot was dealing with as well as one other related entity. They also have released cfpb and ftc, some consumer advisories in this area. So its, its encouraging that the regulatory agencies are taking some regulatory and enforcement action as we recommended in our report. And this concludes my prepared remarks, and i look forward to answering any questions you have later. Thank you. Thank you very much. Ms. Wolf . Good afternoon, chairman collins, Ranking Member mccaskill and other distinguished members of the committee. I appreciate the opportunity to speak with you today about the investigation that the arkansas Securities Department conducted against one such pension advance company, bfg, and its owner, andrew gamber. What we found in our investigation is although bfg was located in little rock, arkansas, it used a network of individual agents who were located throughout the United States as well as various web sites with multiple domain names, Different Company names that was mentioned by the gao under this one company. And so it seemed like there were several Different Companies out there, and it was all under the um umbrella of bfg. They would try to locate pensioners who were interested in selling the rights to their pension payments for a lump sum, and theyd look for buyers who were looking to pay an amount for a steady return on investment. More than what the market was offering. Some of the investors also found out about this product through agents with whom theyd already had a professional relationship. Bfg facilitated everything for the transactions on both sides. The pensioner and the investor never spoke and never dealt directly with each other. They always dealt with bfg and bfgs agents. Once a pensioner was located,bfg would place the pension up for sale, and they would help the pensioner establish an escrow account. The pensioner would then submit paperwork provided by bfg to the Pension Company, and the company would be instructed to forward the pension amount to an escrow account. Once that money was in the escrow account, it was then directed to be forwarded to the investor each month. This is an important distinction, because at no time was the actual pension assigned. At no time did the pensioner relinquish control over his pension, and at no time did the investor have control over that a pension. The reason why this is important is because the number one complaint that we received was the failure of bfg and its agents to disclose the redirectoriesing. And what i mean by this is because the pensioner maintained control of his account, they could direct the Escrow Company to or direct the Pension Company to redirect the funds back to a different account and no longer to that escrow account. Or if the pensioner got into financial trouble and had to file bankruptcy, the pension would get caught up in the bankruptcy and would no longer go to the escrow account. So they were no longer getting that monthly return. They were never warped that this was warned that this was possible. The problem is that a lot of the investors we saw were Senior Citizens looking for a safe, lowrisk investment, and thats how this was packaged to them. Youd get a 79 return each month, and some of the investors were told it was government insured, which was patently false. Another miscommunication and blatant, outright lie from bfg was the failure to disclose the fees in these types of products. And youve heard something about that. Bfg failed to disclose the fee breakdown on both sides of the transaction. A pensioner never knew what their pension sold for, and on the other side of the table, investors never knew how much of that lump sum they paid actually went to the pensioner. They were told bfg would receive a fee, sometimes an administrative fee is how it was couched, and the investors were told but most of your moneys going to go to the pensioner, and that ended up not being the case because there was a failure to disclose the fees. What happened in reality was bfg would receive the lump sum payment from the investor, cut themselves a rather Large Commission off the top, then they would forward all of the commissions on to the individual agents. I saw one contract that had as many as six individuals receiving commissions off of one sale. Then they would pay the administrative fees such as the escrow fee and other various fees. And then along down the line, finally, the pensioner would receive a much smaller lump sum amount than what it was purchased for. And, again, there was no detailed disclosure about that to either side, either the investor or the pensioner. Unfortunately, with the arkansas Securities Department and its name, we are a securities regulator. So we were looking at in this from the investor side, and we were very limited in the type of regulatory action we could take. Fortunately for us, Arkansas State law is the risk capital test to be able to analyze it as an investment contract, and we determined that it was and, therefore, it was a security. So we were able to take enforcement action against bfg. However, the risk capital test is not the analysis in every state, nor federally. So it does vary state to state whether this would be considered a security. Although we were able to shut down bfg, it is unfortunate that mr. Gamber has not learned his lesson, because it seems that he has continued to flout authority and has developed other companies and looks to be doing the exact same thing, and we currently have are an Ongoing Investigation against him and some additional companies. So i want to conclude by thanking you for having me here to talk about our investigation, and i look forward to any questions you have. Thank you very much. Mr. Rossman. Thank you, chairman collins, Ranking Member mccaskill, members of the committee. I appreciate being invited to testify regarding pension advances and to report on recent cases involving military pension assignments. As senator warren noted, im the director of litigation at the National Consumer law center. For the past 16 years, ive been responsible for coordinating and litigating cases on behalf of income and agequalified individuals, a i testify on behalf of our elderly and low inco clients. In may of 2003, nclc was researching consumer scams perpetuated on active military personnel and ultimately issued a report. While we were investigating that report, we came across a separate issue. The judge advocate general corps felt that some of the greatest abuses they were seeing concerned the solicitation of reired military possessor retired military personnel. What we discovered was that companies and individuals were targeting veteran ares benefits usually by offering those upfront cash payments. Veterans receiving retirement and disability benefits are highly attractive targets more financial exploitation. I like to say that guaranteed streams of income are sort of like honey to bees. They are just naturally attracted to the fact that money is there and particularly where were dealing with vulnerable populations that are relying upon their pensions for their safety net. Retirement and disability benefits are regular, depend bl and long term, and its very easy to automatically transfer the funds each month. And in the military setting, its done by allotments. The veterans are always easy to reach through affinity marketing and advertising and targeted publications. More and more its now proliferated through the internet. The companies engage in what we call lead generators. When dr. Kroot was contacted by rmfs, that was a lead generator which then turned him over to Strategic Investments which was, in fact, the lender. So theyre actually serving [inaudible] as we previously heard. Finally, veterans may perceive themselves to have, they usually have heavy debt burdens or poor credit as a result of the financial strains of their deployment and their frequent relocations. I want to talk about a specific case that we had. We represented daryl henry who retired as a chief petty officer after 20 years of military service and had both combined pension and disability payments of over 1,000 a month. When he went to purchase a home, he found out that because of the debts he had had when he left the service, he did not qualify for a prime loan to purchase, and in trying to find a better option, he found an advertisement for retired military Financial Services, same company that reached out to dr. Kroot. They then referred him to the structured investors company, once again, the same company. And ive included the ad as part of my testimony. And he got a lump sum set of payments which, if he had figured out what the actual Interest Rate was, it was 28 which is far above the california usury law would permit. I do want to point out that we keep on point pointing out on the usury laws, unfortunately, approximately onethird of the states in our country have usury laws at this point. In california he would have been be protected, but in many states that would not have been true. Mr. Henry was told since the transaction was not a loan, his credit score didnt make any difference. They actually used it as a way of selling it to him that he could improve his credit score by paying down his loans. Mr. Henry got in touch with us, and we ended up bringing suit on we half of him behalf of him and other enlisted personnel in a case in california in superior court. We alleged that it was a contract that violated the usury statutes and was also a violation of the truth in lending. We also indicated it was a violation of the federal statutes both from the department of defense, Veterans Administration that prohibit assignments. Putting them in a rock and a hard place. If they said it wasnt a contract, it was an assignment, if it wasnt an assignment, it was going to be a contract. If it was, in fact, a violation of either of those statutes, we claimed it was a violation of the california Consumer Protection statute. We actually tried the case in may of 2011, and in august 2011 the judge issued his rulings finding that, in fact, it was a violation of vod and dod and Veterans Administration regulations and, therefore, a violation of the california Consumer Protections statute and awarded our clients 2. 9 million worth of damages. Unfortunately, in the interim the California Division of corporations had shut down the company mainly because our litigation had stopped their flow of income, and subsequent to our getting the judgment against the two principals, they all filed for bankruptcy. And received bankruptcy protection. Interestingly enough, one of the reasons why they dont want these to be contracts is because as contracts they would be dischargeable as unsecure debts. Yet once we got the judgment, they sought the protection of the bankruptcy courts to prevent having to pay the judgments. My client, mr. Henry, ended up getting nothing out of the deal because he had paid off his loans already. A number of individuals who had been in the process of paying off their loans at least could stop at that point. Mr. Henry told me that at least he stopped this company from doing these bad transactions. Unfortunately and quite honestly, my clients here are the heroes here. The lawsuit that mr. Lord was just referring to that was filed a couple of weeks ago by the Consumer FinanceProtection Bureau along with the new York Department of Financial Services was against a company could Pension Funding, and three of their managers were named as defendants in in the suit, one of who was mr. Steven koh i have who covey. The Pension Funding group does not do military loans. He apparently learned enough of that lesson but, fortunately, the regulators in that case were able to step forward. I think the bottom line answer to this is that we need to insure that the usury laws are obeyed, we need to make sure that the various federal and state agencies are enforcing the law. Individuals have the ability to going to leave this hearing, take you live now to the pentagon for a briefing by the commander of the Resolute Support mission in afghanistan. Introductions right now for general John Campbell after an airstrike over the weekend. Very short notice. I do have a prepared statement id like to read through here and then take a couple questions. I want to take this opportunity to address the very serious and tragic circumstances of the airstrike that occurred in kunduz on october 3rd. My deepest condolences to those innocent civilians who were harmed and killed on saturday. I echo the secretarys comments about the tremendous work that doctors without boards conducts in afghanistan borders conducts in afghanistan and throughout the world. They have provided invaluable medical assistance to those most in need in afghanistan. As you know, the taliban attacked the city of kunduz on september 28th. Afghan Security Forces have been fighting to remove the insurgents ever since. Unfortunately, the taliban have decided to remain in the city and fight from within, knowingly putting civilians at significant risk of harm. Our forces are in the area to provide training, advice and assistance to the Afghan Forces. While our personnel are not directly engaged in the fighting, they are providing valuable support to the afghans. Afghanistan remains an area of active hostilities, and our personnel continue to operate in harms way. Therefore, they retain the inherent right of selfdefense. We have now learned that on october 3rd Afghan Forces, that they were taking we have now learned that on october 3rd Afghan Forces advised that they were taking fire from enemy positions and asked for air support from u. S. Forces. An airstrike was called to eliminate the taliban threat, and several civilians were accidentally struck. This is different from initial reports which indicated that u. S. Forces were threatened and that the airstrike was called on their behalf. As has been reported, i have ordered a thorough investigation into this tragic incident, and the investigation is ongoing. The afghans had ordered the same. If error ares were committed, we will acknowledge them. Well hold those responsible accountable, and well take steps to insure mistakes are not repeated. Well await the outcome of the investigation to provide any additional updates, and we will share the results of the investigation once it is complete. As you know, the United States military takes extraordinary steps to avoid harm to civilians. However, the taliban have purposely chosen to fight within a heavily urbanized area, purposefully placing civilians in harms way. We will continue to take all necessary steps to avoid future civilian casualties. Again, i want to offer my deepest condolences to those innocent civilians harmed and killed on saturday. I would be remiss if i did not offer my condolences to the crew and passengers of the cand 0 aircraft c130 aircraft that crashed on saturday. These and all of those who have fallen before them are the true heroes of our efforts in afghanistan over the past. Years the past 14 years, and ill take a few questions. Nick, please. General, your revelation that it was the afghans that advised the americans . Have you ordered a suspension or change in the current rules of engagement . I wont go into current or past rules of engagement, but i would tell you that our men and women continue to understand the rules of engagement, follow those rules of engagement. This was a case, again, more will come out from the investigation, thats why we have these investigations. I have had the opportunity to talk to the investigating officer, Brigadier General rich kim who is up in kunduz now. Thats why i passed out this Additional Information and, again, i want to be able to let the investigation go its course and then provide updates based on that. But i have not suspended, i have not suspended train, advise and assist support to the afghans. Do those rules of engagement allow for afghans to call in american airstrikes, and what kind of fallback or failsafe appreciate the question. Again, i dont want to go into those great details, and i dont want to coffer rules of engagement in this form at this point in time. Those will come out, well make sure those are the same type of questions that i know everybody will want to ask ask one final question, general, if i could. Because this raised doubts. Does this bring into question the current strategy to train the afghans . Do they have the ability to take over that fight . And does it raise questions about the current timetable for the withdrawal of u. S. Troops . Yeah. You know, im back here in washington to testify to congress. Ill take those questions from congress. Again, ive been very public that the afghan Security Forces continue to get better and better, and im very proud and honored to serve with them. Three times in afghanistan where they were just a couple years ago to where they are today is pretty astounding. And i think that they continue to be very, very resilient, and they continue to need our support in areas that weve identified years ago that would be very, very tough for any army; intelligence, logistics, fire support. So well continue to work our afghan partners, continue to train, advise and assist, and, again, im back in washington to talk about those subjects. Barbara . Just to clarify, you were saying a couple of points. There were no u. S. Troops on the ground at risk in extreme misat the time this strike was called in, is that that youre telling us . What i said was the Afghan Forces called in for fire to support them because they were under direct fire. We have afghan correction, we have u. S. Special forces that continue to train, advise and assist at the tactical level. But i think the impression that people got after the first couple days is they were firing directly on u. S. Forces, and what im telling you today as ive talked to the investigating officer as we continue to get updated information, that that was not the case in this place here. Although you dont want to talk about rules of engagement, and i understand that, is there anything you can factually tell us, pardon me, about u. S. Troops, u. S. Air crews and the rules that they do operate under to not strike restricted targets such as hospitals, mosques and schools . People have a lot of curiosity about this, and its generally understood those are targets that you do not strike. Can you talk about that yeah. Again, very broadly we do not strike those kind of targets, absolutely. Lots of interest in the airplane that was used. Was it an ac130 gunship or a fixed wing dropping bombs . I think its been reported that it was an ac1330 gunship. That, in fact, was what it was. General campbell excuse me did you authorize this airstrike . Whose initials are on the authorization . Does an american have to authorize for an ac130 to strike . Thatll come out in the investigation, jennifer. Also whats this rfl . Again, im not going to go into those kind of details. Well wait for the investigation of to come out with that. General [inaudible] Doctors Without Borders are calling this almost a war crime, theyre demanding an independent investigation because theyre saying having this go through military channels is not going to be providing enough information on the details. What are your thoughts on that . Would you recommend an independent investigation . First off, were going to do everything we can to be open and transparent. Ive got both u. S. 156 investigation, nato investigation, and the afghans will conduct their own investigations. If theres other investigations out there, well make sure we coordinate. General, what does this mean in terms of Going Forward with air support . Have you paused airstrikes, or is the war going to continue for your purposes as it was before this took place . Again, im going to hold that question before we get through the investigation. I dont want to go into rules of engagement. They provided gps coordinates, military and civilian officials as recently as tuesday, september 29th. Did you receive those coordinates, or were they relayed to you by a third party . Those are some of the things that will come out in the investigation. In the back, please. [inaudible] says for half an hour they tried to get the coordinates to say we are under fire from both washington and kabul. Why didnt that get up the chain of command faster . Again, thats why we do these investigations. Thatll all come out in the investigation, very detailed explanation of what we know, what we dont know. All those questions that youre asking are the same types of questions that the investigating officer, general kim, will ask as well. Make it crystal clear, there were no u. S. Personnel under fire at the technical level when this airstrike was called in. What i said was that the afghans asked for air support from a special forces team that we have on the ground providing train, advise and assist in kunduz. The initial statement that went out was that u. S. Forces were under direct fire contact, and what im doing is correcting that statement here. Please. [inaudible] good to see you too. Just so i understand this, u. S. Forces, how close were they to the ones, to the Afghan Forces that called in the strike . Youwere they with them at the t . Again, thatll come out in the investigation. All the questions youre asking are good questions, the same questions the investigating officers taking a look at. I should have a preliminary report in the next couple of days. Hes my senior investigator, hes on the ground in kunduz today. I had an opportunity to talk to him this morning. As i get Additional Information, well make sure we work through the joint staff. Ill take one more question in the back here, please. Would it have been more forceful if an a10 was plying the over flying overhead . What i would tell you is our forces and the Afghan Forces continue to work very hard to minimize any kind of civilian casualties. Im not going to get into different platforms, a10 versus ac130. All of this, all the questions you asked are very good questions. Well be open and transparent with this. Well make sure, again, theres a u. S. Piece of this, a nato piece of it, and the afghans as well want to make sure they conduct their investigation, and we Work Together with all of them, and as soon as we have Additional Information that we can provide, ill make sure we provide that. Thank you again very much. Today Health Care Officials in charge of statelevel insurance exchanges discuss Health Care Availability and cost projections. The alliance for Health Reform hosts the live event at 12 15 p. M. Eastern here on cspan2. On tuesday the Senate Armed ServicesCommittee Held a hearing on u. S. Cybersecurity threats and policy. James clapper, director of National Intelligence, admiral michael rogers, National Security agency director, and Deputy Defense director or robert work testified. This is two hours and 15 minutes. [inaudible conversations] good morning. The Committee Meets today to receive testimony from deputy secretary of defense robert work, director of National IntelligenceJames Clapper and admiral mike rogers, the commander of u. S. Cyber command. Director of the National Security agency and chief of the Central Security service. We thank each of the witnesses for their service and for appearing before the committee. We meet at a critical time for the defense of our nation from Cyber Attacks. In just the past year, we all know the United States has been attacked by cyberspace, in cyberspace by iran, north korea, china and russia. Indeed, since our last cyber hearing in march, the attacks have only increased, crippling or severely disrupting networks across the government and private sector and compromising sensitive National Security information. Recent attacks against the joint chiefs of staff, the pentagon and the office of Personnel Management are just the latest examples of the growing boldness of our adversaries and their desire to push the limits of acceptable behavior in cyberspace. New intrusions, breaches and hacks are occurring daily. The trends are getting worse, but it seems the administration has still not mounted an adequate response. They say they will, quote, respond at the time and manner of our choosing, unquote, but then either take no action or pursue largely symbolic responses that have zero impact on our adversaries behavior. Not surprisingly, the attacks continue. Our adversaries steal, delete and manipulate our data at will, gaining a competitive economic edge and improving their military capability. They demonstrate their own means to attack our Critical Infrastructure, and they do all of this at a time and manner of their choosing. More and more, they are even leaving behind what admiral rogers recently referred to as, quote, cyber fingerprints showing that they feel confident that they can attack us with impunity and without significant consequences. Just consider the recent case with china. After much hand wringing, it appears the president will not impose sanctions in response to chinas efforts to steal intellectual property, pillage the designs of our critical Weapons Systems and wage economic espionage against u. S. Companies. Instead, last weeks state visit for the president of china simply amounted to more vague commitments not to conduct or knowingly support cyberenabled theft of intellectual property. Whats worse, the white house has chosen to reward china with diplomatic discussions about establishing norms of behavior that are favorable to both china and russia. Any internationallyagreedupon rules of the road in cyberspace must explicitly recognize the right of selfdefense as contained in article 51 of the u. N. Charter along with meaningful human rights and intellectual Property Rights protections. The administration should not concede this point to autocratic regimes that seek to distort Core Principles of the International Order to our detriment. Make no mistake, we are not winning the fight in cyberspace. Our adversaries view our response to malicious cyber activity as timid and ineffectual. Put simply, the problem is a lack of deterrence. The administration that not demonstrated has no demonstrated to our adversaries that the consequences of continued Cyber Attacks against us outweigh the benefit. Until this happens, the attacks will continue, and our National Security interests will suffer. Establishing cyber deterrence requires a strategy to defend, deter and aggressively respond to the challenges to our National Security in cyberspace. That is exactly what the congress required in the fiscal year 2014 National Defense authorization act. That strategy is now over a year late and counting. And while the department of defenses 2015 Cyber Strategy is a big improvement over previous such efforts, it still does not integrate the ends, ways and means to deter attacks in cyberspace. Establishing a cyber deterrence also requires robust capabilities both offensive and defensive that can pose a credible threat to our adversaries, a goal on which the congress and specifically this committee remains actively engaged. The good news here is that significant progress has been made over the past few years in developing our cyber force. That force will conclude will include a mix of professionals trained to defend the nation against Cyber Attacks to support the geographic combatant commands in meeting their objectives and to defend do to d networks. This is good. But the vast majority of our dod resources have gone towards shoring up our Cyber Defenses. Far more needs to be done to develop the necessary capabilities to deter attacks, fight and win in cyberspace. Policy indecision should not become an impediment to capability development. We to not develop weapons do not develop weapons because we want to use them, we develop them so as we do not have to. And yet in the cyber domain, as admiral rogers testified in march, quote were at a tipping point. He said, quote weve got to broaden our capabilities to provide policymakers and operational commanders with a broader range of options. We must invest more in the offensive capabilities that our Cyber Mission teams need to win on the cyber battlefield. The fiscal year 2016 ndaa seeks to address this challenge in a number of ways, including a Pilot Program to provide the commander of Cyber Command with limited, rapid acquisition authorities. Finally, we know the Defense Department is in the process of assessing whether the existing combatant command structure adequately addresses the mission of cyber warfare and whether to elevate Cyber Command to a unified command. There are worthwhile arguments on both sides of this debate. I look forward to hearing admiral rogers views on this question and his assessment of how an elevation of Cyber Command might enhance our overall Cyber Defense posture. I also look forward to hearing from our witnesses what, if any, progress b heart attack made on address has been made on addressing the delegation and exercise of authority to use cyber capabilities. I thank the witnesses again for appearing before the committee. I look forward to their testimony. Senator reed. Thank you very much, mr. Chairman. And let me commend you for scheduling this very important hearing. Its an appropriate time to discuss a number of important cyber issues with our witnesses, especially in light of the cyber agreements announced last friday between president obama and the president of china. I want to thank director clapper, deputy secretary work and Cyber Commander admiral rogers for their testimony today and for their service to the notion. Thank you, gentlemen, very much. Let me start with a series of cyber agreements with china. The apparent commitment by china to cease stealing u. S. Intellectual property for their economic gain is notable, and i expect we will have a robust discussion about chinas compliance and our course of action if it does not. Chinas leaders must be aware that its reputation is standing and standing in the eyes of the American People will continue to decline if this piracy does not stop which, ultimately, will have a tremendously negative impact on our relations with china. I would also emphasize the potential importance of china embracing a set of International Norms in cyberspace developed by the United Nations which includes a commitment to refrain from attacks on other nations Critical Infrastructure. Next, i would highlight that we are facing the recurring issue of whether or when to elevate Cyber Command from a subunified command to a full unified command and whether to sustain the current dual hat arrangement. I understand the department may be nearing a recommendation to the president that the next unified command plan elevate Cyber Command to a unified command. The committee in the past has questioned whether Cyber Command is mature enough to warrant elevation to a unified command and whether the dual hat arrangement should continue when a decision is made to elevate the command. Put simply, if Cyber Command is so reliant on nsa that common leadership is still necessary,ing is it ready to stand on its own . This is an issue that i think is very critical Going Forward for this committee. Directly related to that question is the maturity of Cyber Command and the status of the military cyber yownlts that the department only began fielding over the last two years. The department is meeting its can schedule for standing up these units with trained personnel, but by its own admission, the equipment, tools and capability of these forces remain limited. Indeed, the committees proposed fy inform 16 National Defense authorization act includes the mandate that agents from among the services to build a socalled unified platform, persistent training environment and command and control systems that are necessary for these forces to operate effectively. It will take a number of years to build these capabilities. We are behind in developing these military capabilities for our cyber forces because the Defense Department was persuaded that the systems and capabilities that nsa already has would be adequate and appropriate for use by Cyber Command. This is an important example of assumed critical dependency on nsa and an assumed commonality between intelligence operations and military operations in cyberspace that in some cases turned out to be inaccurate. For a number of years, this committee has been urging the executive branch to work diligently to identify all practical meds to de methods to deter malicious actions in cyberspace. Some believe that retaliation in cyberspace is a necessary and effective component of such a strategy. I look forward to hearing the views of our witnesses on this matter. Of. Post snowden, u. S. Technology companies, fearful of losing business at home and abroad, are encrypting communications, and offering encryption services, for which even the companies themselves have no Technical Capability to unlock. Fbi director comey has given multiple speeches warning that Law Enforcement agencies and intelligence agencies will be going dark, with serious consequences for Public Safety and National Security. Season of the questions are important to afford it to your testimony. I thank the witnesses. Director clapper, i try to impress on members to show deference to old age, to would like to begin with you. Chairman mccain, Ranking Member reed, members of the committee when they testified on the intelligence worldwide threat assessment at the end of february Cyber Threats to our annual threat report for the third year in a row. We are here today to respond to the several requests enter invitation letter. I will focus on overview of Cyber Threats briefly that face our nation and their National Security implications, and then secretary work, admiral rogers will follow as well. We will as you understand fractured into some classified aspects we wont be able to discuss as fully in this open televised hearing. I do want to take note of and thank the members of the committee who are engaged on this issue and have spoken to it publicly as the two of you just have to. So by way of overdue Cyber Threats to u. S. National and Economic Security are increasing in frequency, scale, sophistication, and severity of impact. Although we must be prepared for large armageddon scale strike that would debilitate the entire u. S. Infrastructure, that is not we believe the most likely scenario. Our primary concern now is low to moderate level Cyber Attacks from a variety of sources which will continue and probably expand. This imposes increasing cost to our business, choose economic competitiveness interNational Security. Because of our heavy dependence on the internet, nearly all information Communication Technologies and i. T. Networks and systems will be perpetually at risk. These weaknesses provide an array of possibilities for nefarious activity by cyberthreat actors, including remote hacking instructions, supply chain operations to insert compromised hardware or software, malicious actions by insiders and simple human mistakes by system users. These Cyber Threats come from a range of actors including nationstates which fall into two broad categories. Those with highly sophisticated cyber programs, most notably russia and china are. Competitors. And those with lesser technical capabilities but more nefarious intent such as iran and north korea were also, but who are also much more aggressive and unpredictable. Them and unpredictable. Them to our nonnation state energies, criminals motivated by profit, hackers or extremist motivated by ideology. Profit motivated cybercriminals relentlessly networked Online Marketplaces often referred to as the cyber underground, or dark web. That provide a forum for the merchandising of illicit tools, services and infrastructure. And stolen personal information and financial data. The most significant financial cyber criminal threats to u. S. Entities and our International Partners come from a relatively small subset of actors, facilitators and criminal forums. And terrorist groups will continue to experiment with hacking which can serve as a foundation for developing more advanced capabilities. Cyber espionage, criminal and terrorist entities all undermine data confidentiality. Denial of Service Operations and data deletion attacks undermine availability. And any future i believe we will see more Cyber Operations that would change or manipulate electronic information to compromise its integrity. In other words, compromise its actors and liabilities instead of deleting it or disrupting access to it. As illustrated with the opm of bridges, counterintelligence risks are inherent. When foreign intelligence agencies that get access to an individuals identity, information, of course the problem the department of defense has and can. Foreign intelligence agencies could target the individual, family members, coworkers and neighbors using physical and electronic methods. For extortion more recruiting purposes. Speaking of the opm reaches for the sake of words about attribution to it is not a simple process, and also these three related but distinct determinations. The geographic point of origin, the identity of the actual perpetrator doing the keystrokes, and the responsibility for directing the act. Indicates of opm with differing degrees of confidence in our assessment of the actual responsibility for each of these three elements. Such malicious cyber activity will continue and probably proby accelerate until we establish and arrested the capability to deter oshas statesponsored cyber activity. Establishing critical different, agreement on norms of cyber behavior by the international community. So iso in summary the cyber thrs to u. S. National and Economic Security have become increasing and diverse, sophisticated and harmful. There are a variety of federal entities that work the cyber problem indeed just an fbi, nsa and other sector specific agencies like treasury and energy. Everyday each of these centers and entities get better what they do individually. I believe we have reached a point where we think its time to get together all the intelligence the separate activities need to defend our networks because while these entities may be defending Different Networks that are often often defend against the same threats. Thats one reason we formed a small center to integrate cyberthreat intelligence, national with the time is conflagration of such a center to parallel the centers we operate for counterterrorism, counter proliferation and counterintelligence and security. Without limited to deputy secretary work. Chairman mccain, Ranking Member reed, distinguished names of the committee, thank you very much for inviting us here this morning to talk about the threats of cyber. This committee has led the way discussing the threats and the response to these threats by the department looks forward to working with committee to get better in this regard. S. Deny clapper said cyberintrusion and attacked by both state and nonstate actors have increased dramatically. In recent years and particularly troubling are the increased frequency and scale of statesponsored cyber actors breaching use government and business networks. These adversaries continually adapt and evolve in response are cyber countermeasures, threatening our networks and systems of the department of defense, our nations Critical Infrastructure and u. S. Companies and interests globally. The recent spate of cyber events to include intrusions into opm on the tax on sony at the joint staff that works by three separate state actors is not just espionage or convenience but threat to our National Security. Thats one of our responses to this growing threat we released in 2015 the dod Cyber Strategy which will guide the development of our cyber forces and strengthen our cybersecurity and cyber deterrence posture, that is, its an. The department pushing hard to achieve the departments three Core Missions as defined in the strategy. The first and absolutely most Important Mission is to defend networkethe networked systems ad information. Secretary carter has made this the number one priority in the department, and we are really getting after it now. Second to defend the nation against cyber events of significant consequence, third provide cyber support to operation and contingency plans. In this regard to use of Cyber Command may be directed to conduct Cyber Operations in coordination with other Government Agencies as appropriate to deter, defeat strategic threats in other domains. My submitted statement, mr. Chairman, contains additional detail on how we are moving out to achieve these three strategic goals but i would like to highlight a particular focus on deterrence, especially since i know this is key in the minds of most of the members. I want to acknowledge up front that the secretary and i recognize that we are not where we need to be in our deterrent posture. We do believe that there are some things the department is doing that are working to we need to improve in this area without question. Thats why we revised our strategy. The deterrence is a function of perception that he would fight convincing any other said that the cost of conducting the attack far outweigh any benefits and, therefore, our three main pillars of our cyber deterrence strategy in terms of deterrence are denial, resilience and cost imposition. Denial mr. Bunning the cyber adversary from achieving his objectives, resilience is assuring our systems will continue to perform come essential military task even when there contested in the cyber environment and cost imposition is our ability to make our adversaries to a much higher price for their malicious activities than they hoped for. Id like to briefly discuss these three elements. To deny the attacker the ability to adverse impact of military missions we have to better defend our own Information Networks and data. We think investments we made in these capabilities are starting to bear fruit but we recognize the technical upgrades are only part of the solution. Nearly every single one of the Successful Network exploitations that weve had to deal with and be traced to one or more human errors which allowed entry into our network. Raising the level of individual Cybersecurity Awareness and performance is absolutely paramount. Accordingly we are working to transform our cybersecurity culture, something we ignored for a long time, longterm by improving Human Performance and accountability in this regard. As part of this country we just recently published the cybersecurity discipline Implementation Plan in a scorecard. This is brought before the secretary enemy every month and that are critical to achieving this goal of securing our data internetworks and mitigating risk and beauty missions. A scorecard holds commanders accountable for hardening and protecting their inputs and Critical Systems until so have them hold accountable their personal and direct as us of the complaints reported to the sector ended on a monthly basis. The first scorecard was published in august of this year, and it is being added to and approved as we go. Nile means defend the nation against Cyber Threats of significant consequence. The president has directed you the working partnership with other agencies to be prepared to stop the most dangerous cyber events. There may be times with the president and the sector the defense directs dod end of to conduct a defensive Cyber Operation to stop the cyber attack from impacting our national interest, and that means building and maintaining the capabilities to do just about. This is a Challenging Mission requiring highend capabilities and extremely high trained teams get we are building our Cyber Mission force and deepening our partnership with Law Enforcement and intelligence communities to do that. The second principle is improving resiliency by reducing the build up our adversaries to attack as this cyberspace and protecting our ability to execute missions in a degraded cyber environment. Our adversaries of you dod cyber dependency as a potential wartime vulnerability. Therefore, we do our utmost to fight through cyberattacks as a Critical Mission function. That means normalizing cybersecurity as part of our Mission Assurance effort, building redundancy whenever systems are vulnerable, training constantly to operate in a contested cyber invited her our adversaries have to see that the Cyber Attacks will not provide them a significant operational advantage. The third aspect of deterrence is having to demonstrate a capability respond to cyber on noncyber means to impose costs on a potential adversary. The administration has made clear we will respond to Cyber Attacks in a time and and place of our choosing and the department is to the cyber options to aggressive at risk in cyber space is required. Successfully executing our missions hope of government and hold the nation approach. And for that reason dod continue to work with our partners and other federal departments and agencies and the private sector and our partners around the world. Address the shared challenges we face. Secretary carter has placed particular emphasis on partnering with the private sector. The department doesnt have all of the entries and is working with industry we think will be very, very critical. Pilot a relationship with congress is critical. The sector and i have very much appreciate the support provide the dod cyber activities throughout, from the very beginning, and we understand and were looking forward to the National Defense authorization act to see if there are other improvements that we can do. I encourage continued efforts to pass legislation on cybersecurity information sharing. We think that is critical. Data breach notification and Law Enforcement provisions relate to cybersecurity which were included in the president s legislative proposal submitted earlier this year. I know you agreed the market people expect us to defend the country against Cyber Threats, the sector and i look for to working with this committee and congress to ensure we take every step possible to confront the substantial risks we face in the cyber realm. Thank you again for inviting us here today. And getting the attention that youve always given to this urgent matter. Id like to pass it on now to admiral rogers, if thats okay, mr. Chairman. Chairman mccain, Ranking Member reed and distinguished rivers of the committee, i am honored to appear before you today to discuss your cyber policy and the state of Cyber Threats worldwide. I would like to thank you for convening this forum and for your efforts in this important area. Im also honored to visit alongside director clapper and deputy secretary of defense work. It gives me great pride to appear before you today to highlight and commend the accomplishments o of the uniform and seven person on u. S. Cyber command. I am both grateful for and humbled by the opportunity ive been given to lead our cyber team in the important work they do in the defense of our nation and our department. We are being challenged as never before to defend our nations interests and values in cyberspace against states, groups and individuals have using sophisticated capabilities to conduct cyber coercion, and exploitation. The targets of the efforts extend well beyond government and into private and businesses and personally identifiable information. Our military is in Constant Contact with agile, learning adversaries in cyber space to adversaries that is shown the capacity and the willingness to take action against soft targets in the United States. There are countries that are integrating Cyber Operations into a total strategic concept for fencing the regional ambitions. Figure Cyber Operations both to influence the perceptions and actions of states around them, and toshiba we see as our options for supporting allies and friends in a crisis. We need to deter these activities by showing they are unacceptable, unprofitable and risky for the instigators. The u. S. Cyber command is building capabilities that can contribute and make her commitments even more credible. We are hardening our networks and showing an opponent cyber aggression will not be easy. We are creating a nation force, trained and we like any other maneuver element that is defending dod networks, supporting joint force commanders and open to defend Critical Infrastructure within our nation. We are partnering with federal, forward and Industry Partners and exercising together to rehearse concepts and responses to destructive of Cyber Attacks against Critical Infrastructure to we are generating options for commanders and policy makers across all phases of the conflict and particularly in phases are told at risk what our adversaries truly value. The demand our cyber force far out strict supply but we continue to rapidly matured based on realworld expenses and hard work of the men and women of just Cyber Command and our Service Cyber components as well as our broader partners. Id like to assure the committee u. S. Cyber command has made measurable progress. We are achieving significant operational outcomes and with a clear path ahead. With that thank you again, mr. Chairman, and members of the committee for convening this forum, inviting all of us to speak. Our progress has been made possible in no small part because of the support from this committee and other stakeholders. Unity of effort within our department and across the Us Government in this nation set is essential. I appreciate our continued partnership as we built our nations Cyber Defenses. I welcome your questions. Thank you, admiral. Thank the witnesses. Director clapper, recently former chairman and joint chiefs dempsey was asked about various threats to the United States security, and he said and whole range of threats we have a significant advantage, except in cyber. You agreed with that assessment . Its probably true. We have a, i guess, exhibited what our potential capability there is, so i think thats one of the reasons, implicit reasons why i have highlighted Cyber Threats in the last three years of my worldwide threat assessments. I think you edge of done that i think at least great effect before this committee. As a result of the chinese leader in washington, there was some agreement announced between the United States and china. Do you believe that that will result in an elimination of chinese Cyber Attacks . Well, hope springs eternal. I think we will have to watch what their behavior is and it will be incumbent upon the Intelligence Committee i think to depict, portrayed where policymakers what Behavioral Changes come if any, result from this agreement. Are you optimistic . No. Thank you. Admiral rogers, you recently stated quote is a perception, quote little price to pay for engaging in some pretty aggressive behaviors and because of a lack of repercussions, easy actors, nationstates, indeed willing to do more. That was what you said. What is required . What action is required to deter these attacks since theres little price to pay . What do we have to do to make it a heavy price to pay . I think we have to clearly articulate in broad terms what is acceptable and not acceptable, Norms Committee will come of behavior. Were declared a articulate that as a nation were developing a set of capabilities, prepared to use those capabilities it they are required are not necessary a preference. We could want to engage in a dialogue with those around us. But on event wouldve to acknowledge the Current Situation we find ourselves in. I dont think theres anyone who would agree that it is excitable and it is in our best longterm interest as a nation. I say with respect understand its not acceptable, but in other words, what would enact a price . Would it be relations in other areas . Would it be counter attacks . What actions would be and how range of arsenals to respond to . So i think its potential all of those things. The first comment i would make i think sony is a very instructive example of one of the things i would remind people. When you think that deterrence much more broadly not just focus within the cyber arena. I got a response to sony where we for example, talked about economic options as a nation, we would exercise was a good way to remind the world around us that theres a broad set of capabilities and lovers of are payable to us as a nation where prepared to do more than just respond in kind, if you will leavers. Director clapper come one of the things that is been disappointed discipline to the committee is physical year Defense Authorization bill passion of the required the president to develop an integrated policy. The strategy is now a year late. Can you tell us where we are in that process and what you feel is what might bring the administration in compliance . Youre asking me about policy development . Yes. I think i would defer to secretary work on that. Well, mr. Chairman, as weve said over and over we believe our cyber deterrence strategy is constantly evolving and getting stronger speech im talking about a policy, not a strategy, mr. Secretary. It required a policy that fiscal year 40 National Defense authorization act speak applause is dealt a development you would live forever good Cyber Strategy. The policy has been outlined in Broad Strokes by not broad enough i would think. Does it describe the weather we deter or whether we respond or whether, in other words, as far as i know, and the committee knows, that theres been no specific policy articulated in compliance with the requirement in the Defense Authorization act. If you believe it as i would be very interested in hearing how it has. I believe the Broad Strokes are we im not asking Broad Strokes. Suppose theres a cyber attack like the one opm. To have a policy as to what we did speak with yes, we do speak what is that speak with the first is to try, first we denied and then we first find out, we do the forensics im not asking the methodology. Im asking the policy. To you respond by counter attack . The respond by trying to enact other measures . What do we do in case of a Cyber Attacks because we respond anytime and and placed does that mean we counter attacks . That may be one of the options spent thats not a policy. That is exercised in options it was not got a policy and for you to sit there and tell me that you do, a broad stroke strategy frankly is not in compliance with the law. Senator reed. Well, thank you very much, mr. Chairman. Director clapper, we are constantly engaged Information Operations with many other nations and there and fought with operations, trying to as you indicated in your testimony influence the opinion, disguise activities, disrupt, et cetera. What agencies under your purview or outside your purview are actively engage Information Operations in the United States in the cyber world . Actually served from a childs perspective we would be back in that we dont at least what i can speak publicly engage in that as a part of our normal intelligence activities. So we keep other arms, support other arms of the government, and those responsible for messaging. The National Counterterrorism center has an office that is devoted to countering violent extremism cant income helping to develop themes are recommending things based on what we glean from intelligence for potential vulnerabilities and messages that would appear that there is a groups various groups to obfuscate the message, disrupted or compete with it. But generally speaking, intelligent writ large doesnt actively engaging Information Operations. Are these other agencies that you provide information to adequately resourced and staffed so they can use it effectively, or are they getting a lot of good insights and sitting around wondering what they can do . Speak with if i were king, which im not, i think of have a much more robust capability from the standpoint of resource commitment to counter messaging. And that would fall outside the purview of intelligence for the state department as well as other agencies . Correct spin we are all old enough to member the voice of america when it was a pretty dominant sort of source of information. Information. Personal opinion only, not company policy, i would have think perhaps, you know, usia on steroids that would address these messages more broadly and more robustly but thats strictly personal opinion. In terms of which were observing, particularly some of our competitors have been extraordinarily robust Information Operations. They dont lack the resources or personnel and their constant engage in these types of Information Operations, enhancing their image, discrediting their opponents, actively engaging local groups in other countries of interest, et cetera. And were sort of on the sidelines. I think thats quite right. In contrast to us, Russian Intelligence Services are very active and very aggressively engaged in messaging. Thank you. Admiral rogers, this issue of encryption that director comey pointed to come i think your thoughts would be very helpful. So the issue that we find ourselves, this is blasphemy on the u. S. Cyber comman use of cye amateur on the nsa side, is communications increasingly going into encryption, where every aspect of that is encrypted and the data and documentation is protected. At a level with the current state of technology is difficult to o